deBridge<\/a><\/b> is a cross-chain interoperability and liquidity transfer protocol<\/strong> that allows decentralized transfer of assets between various blockchains. The cross-chain intercommunication of deBridge smart contracts is powered by a network of independent oracles\/validators elected by deBridge governance.<\/p>\n deBridge protocol is an infrastructure platform and hooking service which aims to become a standard for<\/strong>:<\/p>\n To learn more about <\/span>deBridge Finance, read the official documentation<\/strong><\/span> here<\/a><\/strong>.<\/span><\/p>\n Ackee Blockchain and<\/span> deBridge Finance agreed to perform two follow-up audits. Between October 18 and October 29, 2021<\/strong>, the<\/span>\u00a0Ackee Blockchain<\/a> security team successfully completed the first<\/strong><\/span> audit<\/b>. The time donation was 20 engineering days.<\/p>\n The second audit<\/b> of deBridge Finance was performed between November 22 and December 3, 2021, <\/strong><\/span>with a time donation of 10 engineering days. Its main focus was checking whether\u00a0<\/span>reported issues from the first revision were correctly fixed.<\/p>\n At the beginning of the\u00a0audit<\/span><\/a>, the\u00a0following\u00a0main objectives\u00a0<\/b>were defined:<\/p>\n The security review was performed by\u00a0m<\/strong>anual code review\u00a0<\/b>\u2013 checking the code line by line for common vulnerabilities or code duplication, and by\u00a0l<\/strong>ocal deployment and hacking<\/b>\u00a0\u2013 deploying the program locally, then trying to attack the system and break it.<\/p>\n Using the tools mentioned above led to the following\u00a0findings<\/a><\/strong>:<\/p>\n 10 low <\/strong>severity, 6\u00a0medium<\/strong> severity, and 3 high<\/strong> severity issues were identified.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n Revision 2 of the audit discovered 3 low <\/strong>severity, 1 medium<\/strong> severity and 1 high<\/strong> severity issues.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n The code is mature in quality<\/strong>, with sufficient test coverage and supporting documentation. The client correctly fixed all issues<\/strong> discovered in Revision 1 except issue M1, which was addressed correctly but not all of its occurrences.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n deBridge Finance values security as the most crucial aspect of cross-chain interoperability<\/strong>.<\/strong> We also share these values at<\/span> Ackee Blockchain and are honored to have been chosen as their audit partner.<\/span><\/p>\n <\/p>\n\n
About the audit<\/h4>\n
\n
Findings<\/h4>\n
\n
Revision 2<\/h5>\n
\n
Conclusion<\/h4>\n